No-code Trust World Wide Public CAs using Appdome

Trust World Wide Public CAs: This KB article describes how to implement Appdome’s Trust World Wide Public CAs in any Android or iOS app. This feature will designate a list of trusted public CAs to the mobile device’s trust store which will be verified by Appdome when establishing a TLS session.

About Appdome’s Trust World Wide Public CAs feature

Mobile devices come with an OEM list of built-in public certificate authorities (CA). However, certificates and CAs can be altered by hackers or installed on devices and apps in malicious ways (without anyone knowing). This makes it hard to know if the list of CAs currently installed on the device can actually be trusted (because they could have been altered).  Using Appdome, you can solve this problem. Appdome maintains an up to date list of Public trusted CA(s), which is continuously updated with the various worldwide trusted CA authorities (such as Verisign,  Go-Daddy, etc). Appdome inspects certificates and CAs at runtime to ensure that alterations have not been made.

When an SSL/TLS session is initiated with a mobile app,  Appdome compares the CAs currently installed on the mobile device against the updated list of trusted CAs that Appdome maintains. If the CAs on the device do not match the trusted CA list maintained by Appdome, the session is dropped.

We hope you find it useful and enjoy using Appdome!

Trust World Wide Public CAs using Appdome

Appdome is a no-code mobile security and mobile integration platform that allows users to add security features, like RASP, code obfuscation, data encryption and more, as well as mobile threat, mobile fraud, anti-bot and other SDKs and APIs to Android and iOS apps. This KB describes how to use Appdome’s simple ‘click to build’ user interface to quickly and easily build Trusted Session Protection into any mobile app – instantly, no code or coding required.

Prerequisites for using Appdome Trusted Session

Please follow these steps to add a mobile application to your Appdome account.
If you don’t have an Appdome account, click here to create an account.

From the “Build” tab, go to the Security menu

  1. Click  Secure Communications to expand the bundle.
  2. Click on the toggle to enable Trusted Session.
  3. (optional) Fill out the custom message that is displayed in case of a security event.
  4. MiTM Prevention will be automatically enabled on your app
  5. Malicious Proxy Detection will be automatically enabled on your app
  6. Prohibit Stale Sessions option will be automatically enabled on your app
  7. Trust World Wide Public CAs option will be automatically enabled on your app
  8. Enable +DEV Events to configure this security alert on your app.
  1. (optional) Toggle the DEV-EventsTM switch, if your wish that your app will handle Appdome events.
  2. Click Build My App

The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add MicroVPN to the mobile app in seconds.

Congratulations! You now have a mobile app fully integrated with Appdome Trusted Session 

What to do After I Build My App?

After you successfully build an app, you need to sign the app in order to deploy it. You can also brand or customize an app on Appdome. Read this Knowledge Base article to learn what to do after you successfully build an app. It explains both optional steps and required steps.

That is it – Enjoy using your secured app!

How Do I Learn More?

To learn more you can read this KB article on Appdome Trusted Session.

To zoom out on this topic, visit  Appdome for Mobile App Security on our website.

Or request a demo at any time.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.  

 

Alan Bavosa

Have a question?

Ask an expert

PascalMaking your security project a success!